package filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


@WebFilter("/*")
public class RoleFilter extends HttpFilter implements Filter {
       

    public RoleFilter() {
        super();
        // TODO Auto-generated constructor stub
    }


	public void destroy() {
		// TODO Auto-generated method stub
	}


	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		// TODO Auto-generated method stub
		// place your code here

		// pass the request along the filter chain
		chain.doFilter(request, response);
		HttpServletRequest req = (HttpServletRequest) request;
        String uri = req.getRequestURI();
        String role = (String) req.getSession().getAttribute("role");

        if (uri.startsWith(req.getContextPath() + "/admin/")) {
            if ("admin".equals(role)) {
                chain.doFilter(request, response);
            } else {
                ((HttpServletResponse) response).sendRedirect(req.getContextPath() + "/no_permission.jsp");
            }
        } else {
            chain.doFilter(request, response);
            	
        }
	}

	
	public void init(FilterConfig fConfig) throws ServletException {
		// TODO Auto-generated method stub
	}

}
